Chromium installed unnoticed

Nedsch

Today I suddenly had a second magnifying glass in the taskbar, and I was very surprised. I then saw that there is a folder "Applications". It contained Chromium.app, Top Results.app and a folder Yahoo Powered Search. All of it happened unnoticed.

What I deliberately installed today is FileZilla, from this page: https://filezilla-project.org/download.php?platform=osx
It didn't strike me as dubious, though.

Malwarebytes then also found runCmm.app. And EtreCheck found two suspicious items with today's date.
I have now deleted everything I found, including everything related to Chromium that I found in the Library (Application Support, Caches, Preferences).
As far as I know, Malwarebytes and EtreCheck no longer show anything unusual.

Am I on the safe side now? Or could I have caught something? And would it be better to erase the hard drive and restore a backup?

Attached is the report. (That is the complete report, isn't it?)

Code:
EtreCheck version: 6.0.3 (6A009)
Report generated: 2019-11-01 16:08:41
Download EtreCheck from https://etrecheck.com
Runtime: 2:25
Performance: Excellent

Problem: No problem - just checking

Major Issues:
  Anything that appears on this list needs immediate attention.
  Time Machine backup out-of-date - The last Time Machine backup is over 10 days old.
  System Integrity Protection disabled - System Integrity Protection is disabled. This computer is at risk of malware infection.

Minor Issues:
  These issues do not need immediate attention but they may indicate future problems or opportunities for improvement.
  Apps crashing - There have been numerous app crashes.
  Apps with heavy CPU usage - There have been numerous cases of apps with heavy CPU usage.
  Clean up - There are orphan files that could be removed.
  Unsigned files - There are unsigned software files installed. They appear to be legitimate but should be reviewed.
  System modifications - There are a large number of system modifications running in the background.
  Vintage hardware - This machine may be considered vintage.
  Heavy I/O usage - Your system is under heavy I/O use. This will reduce your performance.

Hardware Information:
  Mac Pro (2010 - 2012) - Vintage!
  Mac Pro Model: MacPro5,1
  2 3,46 GHz 6-Core Intel Xeon (Xeon(R)) CPU: 12-core
  96 RAM - At maximum
    DIMM 1 - 16 GB DDR3 ECC 1333  ok
    DIMM 2 - 16 GB DDR3 ECC 1333  ok
    DIMM 3 - 16 GB DDR3 ECC 1333  ok
    DIMM 4 - Empty   
    DIMM 5 - 16 GB DDR3 ECC 1333  ok
    DIMM 6 - 16 GB DDR3 ECC 1333  ok
    DIMM 7 - 16 GB DDR3 ECC 1333  ok
    DIMM 8 - Empty   

Video Information:
  Radeon RX 580 - VRAM: 8192 MB
    PA241W 1920 x 1200
    DELL P2214H 1920 x 1080

Drives:
  disk0 - Samsung SSD 970 EVO Plus 1TB 1.00 TB (Solid State - TRIM: Yes)
  External 5.0 GT/s x4 NVM Express
    disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB
    disk0s2 [APFS Container] 1000.00 GB
      disk3 [APFS Virtual drive] 1000.00 GB (Shared by 4 volumes)
        disk3s1 - B***e (APFS) (Shared - 276.89 GB used)
        disk3s2 - Preboot (APFS) [APFS Preboot] (Shared - 22 MB used)
        disk3s3 - Recovery (APFS) [Recovery] (Shared - 517 MB used)
        disk3s4 - VM (APFS) [APFS VM] (Shared - 20 KB used)

  disk1 - WDC WD2002FAEX-00MJRA0 2.00 TB (Mechanical)
  Internal SATA 3 Gigabit Serial ATA
    disk1s1 - EFI (MS-DOS FAT32) [EFI] 210 MB
    disk1s2 - D*****1 (Journaled HFS+) 2.00 TB (606.87 GB used)

  disk2 - WDC WD1001FALS-41Y6A1 1.00 TB (Mechanical - 7200 RPM)
  Internal SATA 3 Gigabit Serial ATA
    disk2s1 - EFI (MS-DOS FAT32) [EFI] 210 MB
    disk2s2 - D*****2 (Journaled HFS+) 999.86 GB (916.40 GB used)

Mounted Volumes:
  disk1s2 - D*****1
    2.00 TB (606.87 GB used - 1.39 TB free)
    Journaled HFS+
    Mount point: /Volumes/D*****1

  disk2s2 - D*****2
    999.86 GB (916.40 GB used - 83.46 GB free)
    Journaled HFS+
    Mount point: /Volumes/D*****2

  disk3s1 - B***e
    1000.00 GB (Shared - 276.89 GB used - 722.36 GB free)
    APFS
    Mount point: /

Network:
  Interface en0: Ethernet 1
  Interface en1: Ethernet 2
  Interface fw0: FireWire
  Interface en2: Wi-Fi
    802.11 a/b/g/n
  Interface en3: Bluetooth PAN

System Software:
  macOS High Sierra 10.13.6 (17G8037)
  Time since boot: Less than an hour

Notifications:
  /Applications/EtreCheckPro.app
    2 notifications (one scheduled)

  /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app
    one notification

Security:
  System Status
  Gatekeeper: App Store and identified developers
  System Integrity Protection: Disabled

  Antivirus apps: MalwareBytes

Unsigned Files:
  Launchd: /Library/LaunchDaemons/com.autodesk.backburner_server.plist
    Executable: /usr/discreet/backburner/backburner_server run
    Details: Exact match found in the whitelist - probably OK

  Launchd: /Library/LaunchAgents/com.adobe.CS5ServiceManager.plist
    Executable: /Library/Application Support/Adobe/CS5ServiceManager/CS5ServiceManager.app/Contents/MacOS/CS5ServiceManager -launchedbylogin
    Details: Exact match found in the whitelist - probably OK

  Launchd: /Library/LaunchDaemons/com.adobe.SwitchBoard.plist
    Executable: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard
    Details: Exact match found in the whitelist - probably OK

  Launchd: ~/Library/LaunchAgents/com.amazon.music.plist
    Executable: /Applications/Amazon Music.app/Contents/MacOS/Amazon Music Helper
    Details: Exact match found in the whitelist - probably OK

  Launchd: ~/Library/LaunchAgents/com.adobe.ARM.***.plist
    Executable: /Applications/Adobe Acrobat 9 Pro/Adobe Acrobat Pro.app/Contents/MacOS/Updater/Adobe Acrobat Updater Helper.app/Contents/MacOS/Adobe Acrobat Updater Helper
    Details: Close match found in the whitelist - probably OK

  Launchd: /Library/LaunchDaemons/com.autodesk.backburner_manager.plist
    Executable: /usr/discreet/backburner/backburnerManager
    Details: Exact match found in the whitelist - probably OK

  Launchd: /Library/LaunchAgents/com.orderedbytes.ControllerMateHelper.plist
    Executable: /Library/Application Support/ControllerMate/ControllerMateHelper.app/Contents/MacOS/ControllerMateHelper
    Details: Exact match found in the whitelist - probably OK

  Launchd: /Library/LaunchDaemons/com.autodesk.backburner_start.plist
    Executable: /usr/discreet/backburner/backburner boot
    Details: Exact match found in the whitelist - probably OK

  Launchd: /Library/LaunchAgents/net.culater.SIMBL.Agent.plist
    Executable: /Library/ScriptingAdditions/SIMBL.osax/Contents/Resources/SIMBL Agent.app/Contents/MacOS/SIMBL Agent
    Details: Exact match found in the whitelist - probably OK

  Launchd: /Library/LaunchAgents/com.seagate.SeagateStorageGauge.plist
    Executable: /Library/Application Support/Seagate/Seagate Storage Gauge.app/Contents/MacOS/Seagate Storage Gauge -doautolnch '/Library/Application Support/Seagate/Seagate Storage Gauge.app'
    Details: Exact match found in the whitelist - probably OK

  Login Item: ~/.Trash/runChmm/runChmm.app
  Login Item: /etc/mach_init_per_user.d/com.adobe.SwitchBoard.monitor.plist
  Login Item: ~/.Trash/Chromium.app

Kernel Extensions:
  /Library/Extensions
    [Not Loaded] FTDIKext.kext (1.0 - SDK 10.11)
    [Not Loaded] NVDAStartupWeb.kext (10.33.0 - OS X 10.7)
    [Not Loaded] GeForceTeslaWeb.kext (10.33.0)
    [Not Loaded] GeForceWeb.kext (10.33.0)
    [Not Loaded] NVDAGF100HalWeb.kext (10.33.0)
    [Not Loaded] NVDAGK100HalWeb.kext (10.33.0)
    [Not Loaded] NVDAGM100HalWeb.kext (10.33.0)
    [Not Loaded] NVDAGP100HalWeb.kext (10.33.0)
    [Not Loaded] NVDAGV100HalWeb.kext (10.33.0)
    [Not Loaded] NVDANV50HalTeslaWeb.kext (10.33.0)
    [Not Loaded] NVDAResmanTeslaWeb.kext (10.33.0)
    [Not Loaded] NVDAResmanWeb.kext (10.33.0)

  /Library/StartupItems/ArcanaStartupSound/Resources
    [Not Loaded] ArcanaPRAM.kext (1.1b3)

  /System/Library/Extensions
    [Not Loaded] ssuddrv.kext (1.4.45 - SDK 10.6)
    [Not Loaded] EltimaAsync.kext (0.2.5b15)
    [Loaded] ControllerMate.kext (4.4.3)
    [Not Loaded] Seagate Storage Driver.kext (5.0.1)
    [Not Loaded] Wacom Tablet.kext (Wacom Tablet 6.3.15-2 - SDK 10.11)

  /System/Library/Extensions/ControllerMate.kext/Contents/PlugIns
    [Not Loaded] CMADBDevices.kext (4.3.10)
    [Loaded] CMUSBDevices.kext (4.4.3)
    [Not Loaded] CMUSBKeyboard.kext (1.0)
    [Not Loaded] CMUSBPointer.kext (1.0)

  /System/Library/Extensions/Seagate Storage Driver.kext/Contents/PlugIns
    [Not Loaded] SeagateLeafPowSecDriver_10_4.kext (5.0.1)
    [Not Loaded] SeagateLeafPowSecDriver_10_5.kext (5.0.1)
    [Not Loaded] SeagateDriveIcons.kext (5.0.1)

  /System/Library/Extensions/ssuddrv.kext/Contents/PlugIns
    [Not Loaded] ssudmdmcontrol.kext (1.4.45 - SDK 10.6)
    [Not Loaded] ssudmdmdata.kext (1.4.45 - SDK 10.6)
    [Not Loaded] ssudmtp.kext (1.4.45 - SDK 10.5)
    [Not Loaded] ssudserial.kext (1.4.45 - SDK 10.6)
    [Not Loaded] ssdumdrv.kext (1.3)

Startup Items:
  ArcanaStartupSound Path: /Library/StartupItems/ArcanaStartupSound

System Launch Agents:
  [Not Loaded]  18 Apple tasks
  [Loaded]  172 Apple tasks
  [Running]  103 Apple tasks

System Launch Daemons:
  [Not Loaded]  36 Apple tasks
  [Loaded]  193 Apple tasks
  [Running]  106 Apple tasks

Launch Agents:
  [Not Loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2019-07-19)
  [Other] com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Systems, Inc. - installed 2019-08-08)
  [Running] com.adobe.AdobeCreativeCloud.plist (Adobe Systems, Inc. - installed 2019-10-13)
  [Loaded] com.adobe.CS5ServiceManager.plist (? 40cdc1ff  - installed 2010-10-25)
  [Running] com.adobe.GC.AGM.plist (Adobe Systems, Inc. - installed 2019-10-22)
  [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2019-10-22)
  [Other] com.nvidia.nvagent.plist (? 41debf44  - installed 2019-08-22)
  [Not Loaded] com.oracle.java.Java-Updater.plist (? 0  - installed )
  [Running] com.orderedbytes.ControllerMateHelper.plist (? 3d190200  - installed 2010-07-19)
  [Running] com.seagate.SeagateStorageGauge.plist (? 502453cc  - installed 2010-05-13)
  [Not Loaded] com.teamviewer.teamviewer.plist (TeamViewer GmbH - installed 2019-07-03)
  [Not Loaded] com.teamviewer.teamviewer_desktop.plist (TeamViewer GmbH - installed 2019-07-03)
  [Running] com.wacom.wacomtablet.plist (Wacom Technology Corp. - installed 2015-11-03)
  [Not Loaded] net.culater.SIMBL.Agent.plist (? 850e6250  - installed 2015-07-12)
  [Loaded] setenv.lightmap.HDRLS_HOME_V5.plist (Apple - installed 2019-09-21)
  [Running] syncmateStarter.plist (? 6f95808e  - installed 2013-07-18)
 
And part 2.

Code:
Launch Daemons:
  [Loaded] com.adobe.ARMDC.Communicator.plist (Adobe Systems, Inc. - installed 2019-08-08)
  [Loaded] com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Systems, Inc. - installed 2019-08-08)
  [Loaded] com.adobe.SwitchBoard.plist (? 856489a3  - installed 2017-04-18)
  [Running] com.adobe.acc.installer.v2.plist (Adobe Systems, Inc. - installed 2019-10-13)
  [Running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2019-10-22)
  [Running] com.autodesk.backburner_manager.plist (? 1d85fe3b  - installed 2010-03-03)
  [Running] com.autodesk.backburner_server.plist (? 686ee575  - installed 2010-03-03)
  [Loaded] com.autodesk.backburner_start.plist (? d833ca96  - installed 2010-03-03)
  [Loaded] com.bombich.ccc.plist (? 41245744  - installed 2012-08-07)
  [Running] com.crystalidea.macsfancontrol.smcwrite.plist (Ilya Parniuk - installed 2019-10-13)
  [Loaded] com.iccir.ColorFakerHelper.plist (? e232cfc4  - installed 2012-11-13)
  [Running] com.malwarebytes.HelperTool.plist (Malwarebytes Corporation - installed 2017-04-16)
  [Not Loaded] com.oracle.java.Helper-Tool.plist (? 0  - installed )
  [Loaded] com.teamviewer.Helper.plist (TeamViewer GmbH - installed 2019-07-03)
  [Not Loaded] com.teamviewer.teamviewer_service.plist (TeamViewer GmbH - installed 2019-07-03)
  [Loaded] com.wacom.displayhelper.plist (Apple - installed 2019-09-21)
  [Loaded] org.cindori.AuthHelper.plist (? f6a1cae2  - installed 2014-04-02)
  [Running] rapiback.plist (? 781899de  - installed 2013-03-19)

User Launch Agents:
  [Loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2019-07-19)
  [Loaded] com.adobe.ARM.***.plist (? 0  - installed 2013-05-19)
  [Loaded] com.adobe.ARM.***.plist (? 0  - installed 2015-09-24)
  [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2019-10-22)
  [Loaded] com.adobe.ccxprocess.plist (Apple - installed 2019-08-21)
  [Running] com.amazon.music.plist (? 0  - installed 2015-09-24)
  [Loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2019-10-04)
  [Loaded] com.google.keystone.xpcservice.plist (Google, Inc. - installed 2019-10-04)
  [Running] com.hp.devicemonitor.plist (HP Inc. - installed 2019-11-01)

User Login Items:
  Chromium.app (? - installed 2019-11-01)
    (Application - ~/.Trash/Chromium.app)

  Top Results.app (First Query Ltd. - installed 2019-11-01)
    (Application - ~/.Trash/Top Results.app)

  runChmm.app (? - installed 2019-11-01)
    (Application - ~/.Trash/runChmm/runChmm.app)

  com.adobe.SwitchBoard.monitor.plist (?)
    (MachInit - /etc/mach_init_per_user.d/com.adobe.SwitchBoard.monitor.plist)

Internet Plug-ins:
  AdobeExManDetect: AdobeExManDetect 1.1.0.0 (? - installed 2013-12-11)
  AdobeAAMDetect: 3.0.0.0 (Adobe Systems, Inc. - installed 2019-10-13)
  Default Browser:  (? - installed 2019-10-19)
  AdobePDFViewerNPAPI: 17.012.20098 (Adobe Systems, Inc. - installed 2019-05-03)
  AdobePDFViewer: 19.012.20034 (Adobe Systems, Inc. - installed 2019-05-03)
  Flip4Mac WMV Plugin: 2.3.4.1 (? - installed 2010-06-16)
  WacomTabletPlugin: WacomTabletPlugin 2.1.0.6 (? - installed 2015-11-03)
  iPhotoPhotocast: 7.0 (Apple - installed 2010-08-23)
  Silverlight: 4.0.50401.0 (? - installed 2010-09-02)
  PDF Browser Plugin: 2.4.4 (? - installed 2012-03-13)
  AmazonMP3DownloaderPlugin101749:  (?)

Audio Plug-ins:
  AppleTimeSyncAudioClock: 1.0 (Apple - installed 2019-10-05)
  BluetoothAudioPlugIn: 6.0.7 (Apple - installed 2019-10-05)
  AirPlay: 2.0 (Apple - installed 2019-10-05)
  AppleAVBAudio: 683.1 (Apple - installed 2019-10-05)
  BridgeAudioSP: 4.69.2 (Apple - installed 2019-10-05)
  iSightAudio: 7.7.3 (Apple - installed 2019-10-05)

3rd Party Preference Panes:
  Flip4Mac WMV (installed 2010-06-16)
  FUSE for OS X (OSXFUSE) (installed 2013-07-18)
  MagicMenu (installed 2010-06-18)
  Paragon NTFS for Mac  OS X (installed 2010-03-18)
  ArcanaStartupSound (installed 2009-09-12)
  WacomTablet (installed 2015-11-03)

Time Machine:
  Skip System Files: No
  Auto backup: Yes
  Volumes being backed up:
  Destinations:
    T*****************p [Local] (Last used)
      Total size: 4.00 TB
      Total number of backups: 146
      Oldest backup: 2016-01-31 00:20:05
      Last backup: 2019-09-02 23:39:12
  6 local snapshots
  Oldest local snapshot: 2019-10-31 17:44:39
  Last local snapshot: 2019-11-01 15:46:59

Performance:
  System Load: 1.52 (1 min ago) 1.50 (5 min ago) 0.79 (15 min ago)
  Nominal I/O speed: 17.44 MB/s
  File system: 17.91 seconds
  Write speed: 1497 MB/s
  Read speed: 1550 MB/s

CPU Usage Snapshot:
  Type Overall
  System 0 %
  User 1 %
  Idle 99 %

Top Processes Snapshot by CPU:
  Process (count) CPU (Source - Location)
  WindowServer 5.02 % (Apple)
  EtreCheckPro 5.02 % (Etresoft, Inc.)
  kernel_task 1.70 % (Apple)
  hidd 0.98 % (Apple)
  firefox 0.98 % (Mozilla Corporation)

Top Processes Snapshot by Memory:
  Process (count) RAM usage (Source - Location)
  kernel_task 3.62 GB (Apple)
  plugin-container (4) 598 MB (Mozilla Corporation)
  EtreCheckPro 553 MB (Etresoft, Inc.)
  com.malwarebytes.HelperTool 512 MB (Malwarebytes Corporation)
  mdworker (19) 509 MB (Apple)

Top Processes Snapshot by Network Use:
  Process (count) Input / Output (Source - Location)
  firefox 275 KB / 7 KB (Mozilla Corporation)
  mDNSResponder 32 KB / 31 KB (Apple)
  apsd 4 KB / 4 KB (Apple)
  backburnerManager 6 KB / 876 B (? - /usr/discreet/backburner)
  Malwarebytes Anti-Malware 0 B / 0 B (Malwarebytes Corporation)

Top Processes Snapshot by Energy Use:
  Process (count) Energy (0-100) (Source - Location)
  WindowServer 4 (Apple)
  firefox 1 (Mozilla Corporation)
  hidd 0 (Apple)
  Adobe (6) 0 (? - /Library/Application Support/Adobe)
  Core Sync 0 (Adobe Systems, Inc.)

Virtual Memory Information:
  Physical RAM: 96 GB

  Free RAM: 82.82 GB
  Used RAM: 7.81 GB
  Cached files: 5.37 GB

  Available RAM: 88.19 GB
  Swap Used: 0 B

Software Installs (past 30 days):
  Install Date Name (Version)
  2019-10-04 iTunes (12.8.2)
  2019-10-04 Modo 13.1v1 (13.1)
  2019-10-04 Adobe Flash Player
  2019-10-04 Disk Speed Test (3.2)
  2019-10-04 Substance Painter (2019.2.2)
  2019-10-05 MRTConfigData (1.50)
  2019-10-29 Safari (13.0.3)
  2019-10-30 XProtectPlistConfigData (2107)

Clean up:
  /Library/LaunchAgents/com.nvidia.nvagent.plist
    /Library/PreferencePanes/NVIDIA Driver Manager.prefPane/Contents/MacOS/NVAgent.app/Contents/MacOS/NVAgent
    Executable not found


Diagnostics Information (past 7 days):
  2019-11-01 10:04:21 Modo13.1v1.app High CPU Use
    Executable: /Applications/Modo13.1v1.app

  2019-11-01 09:44:52 helpd Memory
    Executable: /System/Library/PrivateFrameworks/HelpData.framework/Versions/A/Resources/helpd

  2019-10-31 09:26:15 SIMBL Agent.app Crash
    Executable: /Library/ScriptingAdditions/SIMBL.osax/Contents/Resources/SIMBL Agent.app
    Details:
      dyld: launch, running initializers
      /usr/lib/libSystem.B.dylib

  2019-10-29 15:47:11 trustd Memory
    Executable: /usr/libexec/trustd

  2019-10-29 09:02:31 Adobe Photoshop CC 2019.app High CPU Use
    Executable: /Applications/Adobe Photoshop CC 2019/Adobe Photoshop CC 2019.app

  2019-10-28 23:40:29 CEPHtmlEngine.app Crash
    Executable: /Applications/Adobe Photoshop CC 2019/Adobe Photoshop CC 2019.app/Contents/MacOS/CEPHtmlEngine.app
    Details:
      abort() called
      *** error for object 0x7fc600b8b8c8: incorrect checksum for freed obje
      ct - object was probably modified after being freed.

  2019-10-28 11:26:50 Adobe Bridge 2019.app High CPU Use
    Executable: /Applications/Adobe Bridge CC 2019/Adobe Bridge 2019.app


End of report
 
That makes a very dubious impression.
I would steer clear of FileZilla. It used to be reputable, but now?

Have you tried Cyberduck?
 
Have you tried Cyberduck?
Yes, I had always used it until now. But today I noticed that folders starting with a dot are not shown (".well-known" for an SSL certificate).
And in FileZilla the folders are visible.

Yes, thanks. I probably should have been more careful, too.
 